[1/9] migration-3.4: add missing entry on EXTRA_USERS_PARAMS

From: Paul Eggleton <paul.eggleton@microsoft.com>

We missed noting this in 3.4 but I noticed the documentation was
recently updated, so note the removal.

Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com>
---
 documentation/migration-guides/migration-3.4.rst | 7 +++++++
 1 file changed, 7 insertions(+)

Hi Paul,

On 4/22/22 03:40, Paul Eggleton wrote:
> We missed noting this in 3.4 but I noticed the documentation was
> recently updated, so note the removal.
> 
> Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com>
> ---
>   documentation/migration-guides/migration-3.4.rst | 7 +++++++
>   1 file changed, 7 insertions(+)
> 
> diff --git a/documentation/migration-guides/migration-3.4.rst b/documentation/migration-guides/migration-3.4.rst
> index 139b2bf..dead6bc 100644
> --- a/documentation/migration-guides/migration-3.4.rst
> +++ b/documentation/migration-guides/migration-3.4.rst
> @@ -265,6 +265,13 @@ Miscellaneous
>     built-in override support in the fetcher or overrides in general
>     instead.
>   
> +- The ``-P`` (``--clear-password``) option can no longer be used with
> +  ``useradd`` and ``usermod`` entries in :term:`EXTRA_USERS_PARAMS`.
> +  It was being implemented using a custom patch to the ``shadow`` recipe
> +  which clashed with a ``-P`` option that was added upstream in
> +  ``shadow`` version 4.9, and in any case is fundamentally insecure.
> +

Nice catch!

I would say that only hashed passwords are supported now and point to 
the extrausers.bbclass doc here: 
https://docs.yoctoproject.org/ref-manual/classes.html#extrausers-bbclass 
which explains how to do it?

and maybe we should mention this in the EXTRA_USERS_PARAMS actually in 
addition to where it currently is located (extrausers.bbclass).

Cheers,
Quentin

On Fri, 2022-04-22 at 12:30 +0200, Quentin Schulz wrote:
> Hi Paul,
> 
> On 4/22/22 03:40, Paul Eggleton wrote:
> > We missed noting this in 3.4 but I noticed the documentation was
> > recently updated, so note the removal.
> > 
> > Signed-off-by: Paul Eggleton <paul.eggleton@microsoft.com>
> > ---
> >   documentation/migration-guides/migration-3.4.rst | 7 +++++++
> >   1 file changed, 7 insertions(+)
> > 
> > diff --git a/documentation/migration-guides/migration-3.4.rst b/documentation/migration-guides/migration-3.4.rst
> > index 139b2bf..dead6bc 100644
> > --- a/documentation/migration-guides/migration-3.4.rst
> > +++ b/documentation/migration-guides/migration-3.4.rst
> > @@ -265,6 +265,13 @@ Miscellaneous
> >     built-in override support in the fetcher or overrides in general
> >     instead.
> >   
> > +- The ``-P`` (``--clear-password``) option can no longer be used with
> > +  ``useradd`` and ``usermod`` entries in :term:`EXTRA_USERS_PARAMS`.
> > +  It was being implemented using a custom patch to the ``shadow`` recipe
> > +  which clashed with a ``-P`` option that was added upstream in
> > +  ``shadow`` version 4.9, and in any case is fundamentally insecure.
> > +
> 
> Nice catch!
> 
> I would say that only hashed passwords are supported now and point to 
> the extrausers.bbclass doc here: 
> https://docs.yoctoproject.org/ref-manual/classes.html#extrausers-bbclass 
> which explains how to do it?
> 
> and maybe we should mention this in the EXTRA_USERS_PARAMS actually in 
> addition to where it currently is located (extrausers.bbclass).

Can I tempt you to send a follow up patch against master-next please? :)

Cheers,

Richard